Description: "net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release."
Tell us if suitable for stabling or not.
(In reply to Sam James (sec padawan) from comment #1) > Tell us if suitable for stabling or not. If no objections, I'll CC-ARCHES.
Unable to check for sanity: > no match for package: net-analyzer/net-snmp-5.8.1_pre1
amd64 stable
x86 stable
sparc stable
ppc stable
arm stable
arm64 stable
ppc64 stable
hppa stable
s390: ping
s390 stable. Please cleanup.
Tree cleaned in https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=07e54e9cb8c9cbe5d882436ee77ab823b4f96f8d.
This issue was resolved and addressed in GLSA 202008-12 at https://security.gentoo.org/glsa/202008-12 by GLSA coordinator Sam James (sam_c).